Tor and circumvention: Lessons learned. Roger Dingledine The Tor Project
|
|
- Elmer Stanley
- 5 years ago
- Views:
Transcription
1 Tor and circumvention: Lessons learned Roger Dingledine The Tor Project 1
2 What is Tor? Online anonymity 1) software, 2) network, 3) protocol Open source, freely available Community of researchers, developers, users, and relay operators Funding from US DoD, Electronic Frontier Foundation, Voice of America, Google, NLnet, Human Rights Watch,... 2
3 The Tor Project, Inc. 501(c)(3) non-profit organization dedicated to the research and development of tools for online anonymity and privacy 3
4 Estimated 300,000 daily Tor users 4
5 Threat model: what can the attacker do? Alice watch Alice! Anonymity network Control part of the network! Bob watch (or be!) Bob! 5
6 Anonymity isn't cryptography: Cryptography just protects contents. Alice Hi, Bob! <gibberish> attacker Hi, Bob! Bob 6
7 Anonymity isn't just wishful thinking... You can't prove it was me! Promise you won't look! Promise you won't remember! Promise you won't tell! I didn't write my name on it! Isn't the Internet already anonymous? 7
8 Anonymity serves different interests for different user groups. Anonymity It's privacy! Private citizens 8
9 Anonymity serves different interests for different user groups. Anonymity Businesses It's network security! It's privacy! Private citizens 9
10 Anonymity serves different interests for different user groups. It's traffic-analysis resistance! Governments Anonymity Businesses It's privacy! Private citizens It's network security! 10
11 Anonymity serves different interests for different user groups. It's traffic-analysis resistance! Human rights activists It's reachability! Governments Anonymity Businesses It's privacy! Private citizens It's network security! 11
12 The simplest designs use a single relay to hide connections. Alice1 E(Bob3, X ) Y Bob1 Alice2 Alice3 E(Bob1, Y ) E(Bob2, Z ) Relay Z X Bob2 Bob3 (example: some commercial proxy providers) 12
13 But a single relay (or eavesdropper!) is a single point of failure. Alice1 Alice2 Alice3 E(Bob3, X ) E(Bob1, Y ) E(Bob2, Z ) Evil Relay Y Z X Bob1 Bob2 Bob3 13
14 ... or a single point of bypass. Alice1 Alice2 Alice3 E(Bob3, X ) E(Bob1, Y ) E(Bob2, Z ) Irrelevant Relay Y Z X Bob1 Bob2 Bob3 Timing analysis bridges all connections through relay An attractive fat target 14
15 So, add multiple relays so that no single one can betray Alice. Alice Bob R1 R3 R4 R2 R5 15
16 A corrupt first hop can tell that Alice is talking, but not to whom. Alice Bob R1 R3 R4 R2 R5 16
17 Alice A corrupt final hop can tell that somebody is talking to Bob, but not who. Bob R1 R3 R4 R2 R5 17
18 Alice makes a session key with R1...And then tunnels to R2...and to R3 Alice Bob R1 R3 Bob2 R4 R2 R5 18
19 Relay versus Discovery There are two pieces to all these proxying schemes: a relay component: building circuits, sending traffic over them, getting the crypto right a discovery component: learning what relays are available 19
20 The basic Tor design uses a simple centralized directory protocol. S1 Trusted directory cache Alice S2 S3 Servers publish self-signed descriptors. Trusted directory cache Authorities publish a consensus list of all descriptors Alice downloads consensus and descriptors from anywhere 20
21 Attackers can block users from connecting to the Tor network By blocking the directory authorities By blocking all the relay IP addresses in the directory By filtering based on Tor's network fingerprint By preventing users from finding the Tor software 21
22 Blocked User Alice Alice Alice Alice Alice R3 Blocked User Alice R4 Bob Blocked User Alice Alice R2 Blocked User Alice Alice Alice R1 Blocked User Alice Alice Alice 22
23 Bridge relays Hundreds of thousands of Tor users, already self-selected for caring about privacy. Rather than signing up as a normal relay, you can sign up as a special bridge relay that isn't listed in any directory. No need to be an exit (so no abuse worries), and you can rate limit if needed Integrated into Vidalia (our GUI) so it's easy to offer a bridge or to use a bridge 23
24 24
25 25
26 26
27 27
28 28
29 How do you find a bridge? If you can, go to and it will tell you a few based on time and your IP address Mail bridges@torproject.org from a gmail/yahoo address, and we'll send you a few From your friends and neighbors, like before 29
30 Bridge directory authorities Specialized dir authorities that aggregate and track bridges, but don't provide a public list: You can keep up-to-date about a bridge once you know its key, but can't just grab list of all bridges. Identity key and address for default bridge authorities ship with Tor. Bridges publish via Tor, in case somebody is monitoring the authority's network. 30
31 One working bridge is enough Connect via that bridge to the bridge authority....and to the main Tor network. Remember, all of this happens in the background. How to circumvent for all transactions (and trust the pages you get) is now reduced to How to learn about a working bridge. 31
32 Hiding Tor's network fingerprint We got rid of plaintext HTTP (used by directories). Now clients tunnel their directory requests over the same TLS connection as their other Tor traffic. We've made Tor's TLS handshake look more like Firefox+Apache. When Iran kicked out Smartfilter in early 2009, Tor's old v2 dir design worked again! 32
33 Attacker's goals (1) Restrict the flow of certain kinds of information Embarrassing (rights violations, corruption) Opposing (opposition movements, sites that organize protests) Chill behavior by impression that online activities are monitored 33
34 Attacker's goals (2) Complete blocking is not a goal. It's not even necessary. Similarly, no need to shut down or block every circumvention tool. Just ones that are popular and effective (the ones that work) highly visible (make censors look bad to citizens -- and to bosses) 34
35 Attacker's goals (3) Little reprisal against passive consumers of information. Producers and distributors of information in greater danger. Censors (actually, govts) have economic, political, social incentives not to block the whole Internet. But they don't mind collateral damage. 35
36 Main network attacks Block by IP address / port at firewall Intercept DNS requests and give bogus responses or redirects China: Keywords in TCP packets Iran: DPI to filter SSL when they want Russia: Don't block, just pollute 36
37 What we're up against (1) Govt firewalls used to be stateless. Now they're buying fancier hardware. Burma vs Iran vs China New filtering techniques spread by commercial (American) companies :( How to separate oppressing employees vs oppressing citizens arms race? 37
38 What we're up against (2) Censorship is not uniform even within each country, often due to different ISP policies Attacker can influence other countries and companies to help them censor or track users. We'll see if the GNI (Global Network Initiative) changes that. 38
39 Blocking goes both ways If China blackholes your IP address, you can't reach Chinese websites either. So if exit relays are blackholed, Tor users can't read Chinese websites. :( And if you use dynamic IP addresses, then more and more of your neighbors can't read Chinese websites? 39
40 Only a piece of the puzzle (1) Assume the users aren't attacked by their hardware and software No spyware installed, no cameras watching their screens, etc Users need to know about SSL for gmail. Cookies. Etc. Many people in Iran in June were using plaintext proxies! 40
41 Only a piece of the puzzle (2) Users can fetch a genuine copy of Tor? GPG signatures are great, but nobody knows what that means, and nobody in Burma has my key. Gettor autoresponder. USB key spread by hand. Our secure updater should help. 41
42 Tor gives three anonymity properties #1: A local network attacker can't learn, or influence, your destination. Clearly useful for blocking resistance. #2: No single router can link you to your destination. The attacker can't sign up relays to trace users. #3: The destination, or somebody watching it, can't learn your location. So they can't reveal you; or treat you differently. 42
43 Sustainability Tor has a community of developers and volunteers. Commercial anonymity systems have flopped or constantly need more funding for bandwidth. Our sustainability is rooted in Tor's open design: clear documentation, modularity, and open source. 43
44 Responding to China blocks In late Sept, conflicting advice from experts: Hit 'em in the nose, show that you care about your users Lie low and let it pass. You're about more than China. Tor is a new approach to China bloggers: Find new bridge rather than get software update. 44
45 Publicity attracts attention Many circumvention tools launch with huge media splashes. (The media loves this.) But publicity attracts attention of the censors. We threaten their appearance of control, so they must respond. We can control the pace of the arms race. 45
46 Using Tor in oppressed areas Common assumption: risk from using Tor increases as firewall gets more restrictive. But as firewall gets more restrictive, more ordinary people use Tor too, for more mainstream activities. So the median use becomes more acceptable? 46
47 Other Iran user count Talked to chief security officer of one of the web 2.0 social networking sites: 10% of their Iranian users in June were coming through Tor 90% were coming from proxies in the Amazon cloud 47
48 Trust and reputation See Hal Roberts' blog post about how some circumvention tools sell user data Many of these tools see circumvention and privacy as totally unrelated goals 48
49 49
50 50
51 Other ongoing questions How to detect if bridges are blocked (and what to do once we know) Better strategies for giving bridges out (Twitter, better use of social networks; Kaist design project) 51
52 Bridge communities Volunteers run several bridges at once, or coordinate with other volunteers. The goal is that some bridges will be available at any given time. Each community has a bridge authority, to add new bridges to the pool, expire abandoned or blocked bridges, etc. All automated by the Tor client. 52
53 Advocacy and education Unending stream of people (e.g. in DC) who make critical policy decisions without much technical background Worse, there's a high churn rate Need to teach policy makers, business leaders, law enforcement, journalists,... Data retention? Internet driver's license? 53
54 Next steps Technical solutions won't solve the whole censorship problem. After all, firewalls are socially very successful in these countries. But a strong technical solution is still a critical puzzle piece. You should run a bridge! We only have 400. We'd love to help with some trainings, to help users and to make Tor better. 54
Tor: a brief intro. Roger Dingledine The Tor Project
Tor: a brief intro Roger Dingledine The Tor Project https://torproject.org/ 1 What is Tor? Online anonymity 1) software, 2) network, 3) protocol Open source, freely available Community of researchers,
More informationOnline Anonymity & Privacy. Andrew Lewman The Tor Project
Online Anonymity & Privacy Andrew Lewman The Tor Project https://torproject.org/ Outline Why anonymity? Crash course on Tor Future Informally: anonymity means you can't tell who did what Who wrote this
More informationTor: Online anonymity, privacy, and security.
Tor: Online anonymity, privacy, and security. Runa A. Sandvik runa@torproject.org 12 September 2011 Runa A. Sandvik runa@torproject.org () Tor: Online anonymity, privacy, and security. 12 September 2011
More informationOnlineAnonymity. OpenSource OpenNetwork. Communityof researchers, developers,usersand relayoperators. U.S.501(c)(3)nonpro%torganization
The Tor Project Our mission is to be the global resource for technology, advocacy, research and education in the ongoing pursuit of freedom of speech, privacy rights online, and censorship circumvention.
More informationVulnerabilities in Tor: (past,) present, future. Roger Dingledine The Tor Project https://www.torproject.org/
Vulnerabilities in Tor: (past,) present, future Roger Dingledine The Tor Project https://www.torproject.org/ 1 Outline Crash course on Tor Solved / solvable problems Tough ongoing issues, practical Tough
More informationTor, a quick overview
Tor, a quick overview Linus Nordberg The Tor Project https://torproject.org/ 1 What is Tor Online anonymity: 1. software, 2. network, 3. protocol Open source, freely available Community
More informationTor and circumvention: Lessons learned. Roger Dingledine The Tor Project https://torproject.org/
Tor and circumvention: Lessons learned Roger Dingledine The Tor Project https://torproject.org/ 1 Today's plan 0) Crash course on Tor 1) History of Tor censorship attempts 2) Attacks on low-latency anonymity
More informationTor: a quick overview. Roger Dingledine The Tor Project https://torproject.org/
Tor: a quick overview Roger Dingledine The Tor Project https://torproject.org/ 1 What is Tor? Online anonymity software and network Open source, freely available Community of researchers, developers, users,
More informationAnonymity and censorship circumvention with Tor
Anonymity and censorship circumvention with Tor Lunar July 8th, 2013 LSM2013, Brussels What is this Tor thing? Tor helps people Estimated 500,000 daily Tor users cf. https://metrics.torproject.org/users.html
More informationFBI Tor Overview. Andrew Lewman January 17, 2012
FBI Tor Overview Andrew Lewman andrew@torproject.org January 17, 2012 Andrew Lewman andrew@torproject.org () FBI Tor Overview January 17, 2012 1 / 28 What are we talking about? Crash course on anonymous
More informationAnonymity, Usability, and Humans. Pick Two.
Anonymity, Usability, and Humans. Pick Two. Runa A. Sandvik runa@torproject.org 20 September 2011 Runa A. Sandvik runa@torproject.org () Anonymity, Usability, and Humans. Pick Two. 20 September 2011 1
More informationTor Hidden Services. Roger Dingledine Free Haven Project Electronic Frontier Foundation.
Tor Hidden Services Roger Dingledine Free Haven Project Electronic Frontier Foundation http://tor.eff.org/ 31 July 2005 Talk Outline Tor overview Circuit-building in Tor Hidden services in Tor Demo Anonymity
More informationAnonymity Tor Overview
Anonymity Tor Overview Andrew Lewman andrew@torproject.org April 21, 2011 Andrew Lewman andrew@torproject.org () Anonymity Tor Overview April 21, 2011 1 / 1 What are we talking about? Crash course on anonymous
More informationBBC Tor Overview. Andrew Lewman March 7, Andrew Lewman () BBC Tor Overview March 7, / 1
BBC Tor Overview Andrew Lewman andrew@torproject.org March 7, 2011 Andrew Lewman andrew@torproject.org () BBC Tor Overview March 7, 2011 1 / 1 What are we talking about? Crash course on anonymous communications
More informationA SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationTor: An Anonymizing Overlay Network for TCP
Tor: An Anonymizing Overlay Network for TCP Roger Dingledine The Free Haven Project http://tor.freehaven.net/ http://tor.eff.org/ December 28, 21C3 2004 Talk Outline Motivation: Why anonymous communication?
More informationCS Paul Krzyzanowski
Computer Security 17. Tor & Anonymous Connectivity Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2018 1 2 Anonymity on the Internet Often considered bad Only criminals need to hide
More informationAnonymous Communications
Anonymous Communications Andrew Lewman andrew@torproject.org December 05, 2012 Andrew Lewman andrew@torproject.org () Anonymous Communications December 05, 2012 1 / 45 Who is this guy? 501(c)(3) non-profit
More informationPort-Scanning Resistance in Tor Anonymity Network. Presented By: Shane Pope Dec 04, 2009
Port-Scanning Resistance in Tor Anonymity Network Presented By: Shane Pope (Shane.M.Pope@gmail.com) Dec 04, 2009 In partial fulfillment of the requirements for graduation with the Dean's Scholars Honors
More informationThe Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science
The Tor Network Cryptography 2, Part 2, Lecture 6 Ruben Niederhagen June 16th, 2014 Tor Network Introduction 2/33 Classic goals of cryptography: confidentiality, data integrity, authentication, and non-repudiation.
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ Privacy on Public Networks Internet is designed as a public network Wi-Fi access points,
More informationComputer Security. 15. Tor & Anonymous Connectivity. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 15. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 April 24, 2017 CS 419 2017 Paul Krzyzanowski 1 Private Browsing Browsers offer a "private" browsing modes
More informationPrivate Browsing. Computer Security. Is private browsing private? Goal. Tor & The Tor Browser. History. Browsers offer a "private" browsing modes
Private Browsing Computer Security 16. Tor & Anonymous Connectivity Paul Krzyzanowski Rutgers University Spring 2017 Browsers offer a "private" browsing modes Apple Private Browsing, Mozilla Private Browsing,
More informationIP address. When you connect to another computer you send it your IP address.
Anonymity IP address When you connect to another computer you send it your IP address. It is very hard to communicate without revealing an address on which you can receive traffic. Recent court cases have
More informationUnderstanding, Growing, & Extending Online Anonymity
Understanding, Growing, & Extending Online Anonymity Andrew Lewman andrew@torproject.org January 25, 2010 Universal Declaration of Human Rights Article 19 Everyone has the right to freedom of opinion and
More informationAnonymous Communication and Internet Freedom
Anonymous Communication and Internet Freedom CS 161: Computer Security Prof. David Wagner May 2, 2013 Goals For Today State-sponsored adversaries Anonymous communication Internet censorship State-Sponsored
More informationAnonymous Communication and Internet Freedom
Anonymous Communication and Internet Freedom CS 161: Computer Security Prof. David Wagner April 29, 2016 Announcements Final exam in RSF Fieldhouse, 5/10, arrive by 7PM HW4 due Monday, 5/2, 11:59pm Review
More informationIntroduction. Overview of Tor. How Tor works. Drawback of Tor s directory server Potential solution. What is Tor? Why use Tor?
Introduction 1 Overview of Tor What is Tor? Why use Tor? How Tor works Encryption, Circuit Building, Directory Server Drawback of Tor s directory server Potential solution Using DNS Security Extension
More informationDFRI, Swedish Internet Forum 2012
DFRI, Swedish Internet Forum 2012 Andrew Lewman andrew@torproject.org April 18, 2012 Andrew Lewman andrew@torproject.org () DFRI, Swedish Internet Forum 2012 April 18, 2012 1 / 23 George Orwell was an
More informationProtocols for Anonymous Communication
18734: Foundations of Privacy Protocols for Anonymous Communication Anupam Datta CMU Fall 2016 Privacy on Public Networks } Internet is designed as a public network } Machines on your LAN may see your
More informationPutting the P back in VPN: An Overlay Network to Resist Traffic Analysis
Putting the P back in VPN: An Overlay Network to Resist Traffic Analysis Roger Dingledine The Free Haven Project http://freehaven.net/ Black Hat 2004 July 29, 2004 Talk Outline Motivation: Why anonymous
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2010
Network Security: Anonymity Tuomas Aura T-110.5240 Network security Aalto University, Nov-Dec 2010 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationAnonymous Communication with emphasis on Tor* *Tor's Onion Routing. Paul Syverson U.S. Naval Research Laboratory
Anonymous Communication with emphasis on Tor* *Tor's Onion Routing Paul Syverson U.S. Naval Research Laboratory 1 Dining Cryptographers (DC Nets) Invented by Chaum, 1988 Strong provable properties Versions
More informationDissecting Tor Bridges A Security Evaluation of their Private and Public Infrastructures
Dissecting Tor Bridges A Security Evaluation of their Private and Public Infrastructures Srdjan Matic, Carmela Troncoso, Juan Caballero Dublin 31 March 2017 Privacy in electronic communications Alice Bob
More informationTelex Anticensorship in the
Telex Anticensorship in the Network Infrastructure Eric Wustrow Ian Goldberg * Scott Wolchok J. Alex Halderman University of Michigan University of Michigan * University of Waterloo Background Internet
More informationFact Sheet: Cloud Flare and the Tor Project
Fact Sheet: Cloud Flare and the Tor Project What is the Tor Project? The Tor Project (TorProject.org) is a non-profit organization that develops and distributes free software to help millions of people
More information2012 in review: Tor and the censorship arms race. / Runa A. Sandvik /
2012 in review: Tor and the censorship arms race / Runa A. Sandvik / runa@torproject.org / @runasand Today, we re going to look at how Tor is being blocked and censored around the world. In the beginning...
More informationTHE SECOND GENERATION ONION ROUTER. Roger Dingledine Nick Mathewson Paul Syverson. -Presented by Arindam Paul
THE SECOND GENERATION ONION ROUTER Roger Dingledine Nick Mathewson Paul Syverson 1 -Presented by Arindam Paul Menu Motivation: Why do we need Onion Routing? Introduction : What is TOR? Basic TOR Design
More informationthis security is provided by the administrative authority (AA) of a network, on behalf of itself, its customers, and its legal authorities
INFRASTRUCTURE SECURITY this security is provided by the administrative authority (AA) of a network, on behalf of itself, its customers, and its legal authorities Goals * prevent or mitigate resource attacks
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, Nov-Dec 2012
Network Security: Anonymity Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2012 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationanonymous routing and mix nets (Tor) Yongdae Kim
anonymous routing and mix nets (Tor) Yongdae Kim Significant fraction of these slides are borrowed from CS155 at Stanford 1 q Why? Anonymous web browsing 1. Discuss health issues or financial matters anonymously
More informationThe Activist Guide to Secure Communication on the Internet. Introduction
The Activist Guide to Secure Communication on the Internet Posted by: The Militant Posted on: September 3rd 2008 Updated on: September 8th 2008 Introduction 1 - Secure Internet Access 1.1 - Internet Cafes
More informationOnline Anonymity. Andrew Lewman June 8, 2010
Online Anonymity Andrew Lewman andrew@torproject.org June 8, 2010 What is anonymity? Anonymity isn t cryptography Cryptography protects the contents in transit You still know who is talking to whom, how
More informationTor. Tor Anonymity Network. Tor Basics. Tor Basics. Free software that helps people surf on the Web anonymously and dodge censorship.
Tor Tor Anonymity Network Free software that helps people surf on the Web anonymously and dodge censorship. CS 470 Introduction to Applied Cryptography Ali Aydın Selçuk Initially developed at the U.S.
More informationAnonymity. Assumption: If we know IP address, we know identity
03--4 Anonymity Some degree of anonymity from using pseudonyms However, anonymity is always limited by address TCP will reveal your address address together with ISP cooperation Anonymity is broken We
More informationOnion Routing. Varun Pandey Dept. of Computer Science, Virginia Tech. CS 6204, Spring
Onion Routing Varun Pandey Dept. of Computer Science, Virginia Tech 1 What is Onion Routing? a distributed overlay network to anonymize TCP based routing Circuit based (clients choose the circuit) Each
More informationCS 134 Winter Privacy and Anonymity
CS 134 Winter 2016 Privacy and Anonymity 1 Privacy Privacy and Society Basic individual right & desire Relevant to corporations & government agencies Recently increased awareness However, general public
More informationENEE 459-C Computer Security. Security protocols
ENEE 459-C Computer Security Security protocols Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p and g public.
More informationNetwork Security: Anonymity. Tuomas Aura T Network security Aalto University, autumn 2015
Network Security: Anonymity Tuomas Aura T-110.5241 Network security Aalto University, autumn 2015 Outline 1. Anonymity and privacy 2. High-latency anonymous routing 3. Low-latency anonymous routing Tor
More informationA Peel of Onion. Paul Syverson U.S. Naval Research Laboratory.
A Peel of Onion Paul Syverson U.S. Naval Research Laboratory paul.syverson@nrl.navy.mil http://www.syverson.org Our motivation here is not to provide anonymous communication, but to separate identification
More informationOnion services. Philipp Winter Nov 30, 2015
Onion services Philipp Winter pwinter@cs.princeton.edu Nov 30, 2015 Quick introduction to Tor An overview of Tor Tor is a low-latency anonymity network Based on Syverson's onion routing......which is based
More informationENEE 459-C Computer Security. Security protocols (continued)
ENEE 459-C Computer Security Security protocols (continued) Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p
More informationCS232. Lecture 21: Anonymous Communications
CS232 Lecture 21: Anonymous Communications November 21, 2018 2 You Are Not Anonymous 3 Your IP address can be linked directly to you ISPs store communications records Usually for several years (Data Retention
More informationTor: The Second-Generation Onion Router. Roger Dingledine, Nick Mathewson, Paul Syverson
Tor: The Second-Generation Onion Router Roger Dingledine, Nick Mathewson, Paul Syverson Introduction Second Generation of Onion Routing Focus on deployability Perfect forward secrecy Separation of protocol
More informationAnonymous communications: Crowds and Tor
Anonymous communications: Crowds and Tor Basic concepts What do we want to hide? sender anonymity attacker cannot determine who the sender of a particular message is receiver anonymity attacker cannot
More informationTor update Roger Dingledine The Tor Project
Tor update 2012 Roger Dingledine The Tor Project https://torproject.org/ 1 Today's plan 0) Crash course on Tor 1) History of Tor censorship attempts 2) Attacks on low-latency anonymity 3) Tor performance
More informationCE Advanced Network Security Anonymity II
CE 817 - Advanced Network Security Anonymity II Lecture 19 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially obtained
More informationChallenges in building overlay networks: a case study of Tor. Steven Murdoch Principal Research Fellow University College London
Challenges in building overlay networks: a case study of Steven Murdoch Principal Research Fellow University College London Who uses? Ordinary people e.g. to avoid unscrupulous marketers, protect children,
More informationAnonymous Network Concepts & Implementation
FORENSIC INSIGHT; DIGITAL FORENSICS COMMUNITY IN KOREA Anonymous Network Concepts & Implementation kevinkoo001@gmail.com Overview 1. Overview & Background 2. Anonymous Network tor freenet Gnunet I2P 3.
More informationYou are the internet
The Onion Router Hello World I'm Tony I am interested in the concept of security I work for a local ISP / MSP I like skills sharing / access to knowledge Hackspaces are awesome 2 You are the internet DEMO
More informationAnonymity C S A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L
Anonymity C S 6 8 2 A D VA N C E D S E C U R I T Y TO P I C S P R E S E N TAT I O N BY: PA N AY I OTO U M A R KO S 4 T H O F A P R I L 2 0 1 9 Tor: The Second- Generation Onion Router R. DINGLEDINE N.
More informationComputer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 10r. Recitation assignment & concept review Paul Krzyzanowski Rutgers University Spring 2018 April 3, 2018 CS 419 2018 Paul Krzyzanowski 1 1. What is a necessary condition for perfect
More informationPeeling Onions Understanding and using
hiro@torproject.org Peeling Onions Understanding and using the network Know your onions What is Tor and what it can do for you. How Tor provides privacy and anonymity Using Tor at the application layer:
More informationCollecting Data about Internet Censorship and Surveillance on a Global Scale. Jed Crandall
Collecting Data about Internet Censorship and Surveillance on a Global Scale Jed Crandall crandall@cs.unm.edu What I hope to convince you of... Internet censorship and surveillance is a global phenomenon
More informationCSE 484 / CSE M 584: Computer Security and Privacy. Anonymity Mobile. Autumn Tadayoshi (Yoshi) Kohno
CSE 484 / CSE M 584: Computer Security and Privacy Anonymity Mobile Autumn 2018 Tadayoshi (Yoshi) Kohno yoshi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Ada Lerner, John Manferdelli,
More informationSIP and VoIP What is SIP? What s a Control Channel? History of Signaling Channels
Network Security - ISA 656 Voice Over IP (VoIP) Security Simple SIP ing Alice s Bob Session Initiation Protocol Control channel for Voice over IP (Other control channel protocols exist, notably H.323 and
More informationONIONS ADVENTURES HOW TO USE ONION SERVICES AND THE NETWORK IN YOUR WEB ENDEAVORS hiro@torproject.org https://mastodon.social/@nopressure https://twitter.com/nopressure HI! TOR BOOTH IN BUILDING K (we
More informationTelex Anticensorship in the Network Infrastructure
Telex Anticensorship in the Network Infrastructure Eric Wustrow Scott Wolchok Ian Goldberg * J. Alex Halderman University of Michigan *University of Waterloo In Proceedings of the 20 th USENIX Security
More informationChanging Threats To Privacy Moxie Marlinspike Institute For Disruptive Studies
Changing Threats To Privacy moxie@thoughtcrime.org Cypherpunks Government Dangerous Scared The Fuck Out Of Them Ultimate Control No Control As Dangerous? = Cryptography Is Not A Banana!= Cypherpunks
More information2 ND GENERATION ONION ROUTER
2 ND GENERATION ONION ROUTER Roger Dingledine, Nick Mathewson and Paul Syverson Presenter: Alejandro Villanueva Agenda Threat model Cells and circuits Other features Related work How does it work? Rendezvous
More informationHow Alice and Bob meet if they don t like onions
How Alice and Bob meet if they don t like onions Survey of Network Anonymisation Techniques Erik Sy 34th Chaos Communication Congress, Leipzig Agenda 1. Introduction to Anonymity Networks Anonymity Strategies
More informationFACEBOOK SAFETY FOR JOURNALISTS. Thanks to these partners for reviewing these safety guidelines:
FACEBOOK SAFETY FOR JOURNALISTS Thanks to these partners for reviewing these safety guidelines: 10 STEPS TO KEEP YOURSELF SAFE Journalists are using Facebook in innovative ways to do their jobs, tell stories,
More informationCS Final Exam
CS 600.443 Final Exam Name: This exam is closed book and closed notes. You are required to do this completely on your own without any help from anybody else. Feel free to write on the back of any page
More informationPrivacy SPRING 2018: GANG WANG
Privacy SPRING 2018: GANG WANG Privacy in Computing Location privacy Anonymous web surfing Data loss prevention Data mining privacy 3 LOCATION Privacy Location Privacy Pervasive use of GPS-enabled mobile
More information21 Lessons Learned From Sending Over 110,000 s
21 Lessons Learned From Sending Over 110,000 Emails By Stuart Walker http://www.nichehacks.com DISCLAIMER / LEGAL NOTICES: Although the author and publisher have made every effort to ensure that the information
More informationDefinition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party
Definition Anonymous Communication Hiding identities of parties involved in communications from each other, or from third-parties Who you are from the communicating party Who you are talking to from everyone
More informationNetwork Security. Traffic analysis and anonymization. Radboud University Nijmegen, The Netherlands. Autumn 2014
Network Security Traffic analysis and anonymization Radboud University Nijmegen, The Netherlands Autumn 2014 The next weeks Today (Monday, Oct. 13): last lecture Friday Oct. 17: werkcollege Monday Oct.
More informationCNT Computer and Network Security: Privacy/Anonymity
CNT 5410 - Computer and Network Security: Privacy/Anonymity Professor Kevin Butler Fall 2015 When Confidentiality is Insufficient 2 Privacy!= Confidentiality Confidentiality refers to the property of the
More informationPrivacy defense on the Internet. Csaba Kiraly
Advanced Networking Privacy defense on the Internet Csaba Kiraly 1 Topics Anonymity on the Internet Chaum Mix Mix network & Onion Routing Low-latency anonymous routing 2 Anonymity: Chaum mix David L. Chaum
More informationApplication Firewalls
Application Moving Up the Stack Advantages Disadvantages Example: Protecting Email Email Threats Inbound Email Different Sublayers Combining Firewall Types Firewalling Email Enforcement Application Distributed
More informationAnalysing Onion Routing Bachelor-Thesis
Analysing Onion Routing Bachelor-Thesis Steffen Michels June 22, 2009 Abstract Although methods for reaching security goals such as secrecy, integrity and authentication are widely used in the Internet,
More informationHiding Amongst the Clouds
Hiding Amongst the Clouds A Proposal for Cloud-based Onion Routing Nicholas Jones Matvey Arye Jacopo Cesareo Michael J. Freedman Princeton University https://www.torproject.org/about/overview.html We and
More informationTraffic Optimization in Anonymous Networks
Traffic Optimization in Anonymous Networks Patrik Kristel patrik.kristel@onedata.sk Ján Lučanský jan.lucansky@stuba.sk Ivan Kotuliak ivan.kotuliak@stuba.sk Abstract Anonymous communication networks, such
More informationThe Internet of Things. Steven M. Bellovin November 24,
The Internet of Things Steven M. Bellovin November 24, 2014 1 What is the Internet of Things? Non-computing devices...... with CPUs... and connectivity (Without connectivity, it s a simple embedded system)
More informationIntroducing SOR: SSH-based Onion Routing
Introducing SOR: SSH-based Onion Routing André Egners Dominik Gatzen Andriy Panchenko Ulrike Meyer 28th of March 2012 On the Internet......nobody knows you re a dog [1993] Introduction Motivation (1) encryption
More informationHow to Improve Your Campaign Conversion Rates
How to Improve Your Email Campaign Conversion Rates Chris Williams Author of 7 Figure Business Models How to Exponentially Increase Conversion Rates I'm going to teach you my system for optimizing an email
More informationThe Parrot is Dead: Observing Unobservable Network Communications. Amir Houmansadr Chad Brubaker Vitaly Shmatikov
The Parrot is Dead: Observing Unobservable Network Communications Amir Houmansadr Chad Brubaker Vitaly Shmatikov Internet Censorship The Internet is a big threat to repressive regimes! Repressive regimes
More informationComputer Security Exam 3 Review. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 2017 Exam 3 Review Paul Krzyzanowski Rutgers University Spring 2017 April 18, 2018 CS 419 2017 Paul Krzyzanowski 1 Exam 3: Grade vs. Completion Time 5 Question 1 A high False Reject Rate
More informationAnonymity Analysis of TOR in Omnet++
Anonymity Analysis of TOR in Omnet++ Carmelo Badalamenti Mini Workshop on Security Framework 2006, Catania, December 12, 2006 "Security in Mobility" Badalamenti TOR & Omnet++
More informationPerfect Imitation and Secure Asymmetry for Decoy Routing Systems with Slitheen. 20 June 2017 EPFL Summer Research Institute
Perfect Imitation and Secure Asymmetry for Decoy Routing Systems with Slitheen Cecylia Bocovich Ian Goldberg 20 June 2017 EPFL Summer Research Institute Censorship Censors may monitor, alter or block traffic
More informationAnonymity With Tor. The Onion Router. July 21, Technische Universität München
The Onion Router Nathan S. Evans Christian Grothoff Technische Universität München July 21, 2011 Overview What is Tor? Motivation Background Material How Tor Works Hidden Services Attacks Specific Attack
More informationFeatures of a proxy server: - Nowadays, by using TCP/IP within local area networks, the relaying role that the proxy
Que: -Proxy server Introduction: Proxy simply means acting on someone other s behalf. A Proxy acts on behalf of the client or user to provide access to a network service, and it shields each side from
More informationProxy server is a server (a computer system or an application program) that acts as an intermediary between for requests from clients seeking
NETWORK MANAGEMENT II Proxy Servers Proxy server is a server (a computer system or an application program) that acts as an intermediary between for requests from clients seeking resources from the other
More informationThe Definitive Guide to Office 365 External Sharing. An ebook by Sharegate
The Definitive Guide to Office 365 External Sharing An ebook by Sharegate The Definitive Guide to External Sharing In any organization, whether large or small, sharing content with external users is an
More informationTOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS
TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and
More informationComputer Science 461 Final Exam May 22, :30-3:30pm
NAME: Login name: Computer Science 461 Final Exam May 22, 2012 1:30-3:30pm This test has seven (7) questions, each worth ten points. Put your name on every page, and write out and sign the Honor Code pledge
More information1110 Cool Things Your Firewall Should Do. Extend beyond blocking network threats to protect, manage and control application traffic
1110 Cool Things Your Firewall Should Do Extend beyond blocking network threats to protect, manage and control application traffic Table of Contents The Firewall Grows Up 1 What does SonicWALL Application
More informationWar Stories from the Cloud Going Behind the Web Security Headlines. Emmanuel Mace Security Expert
War Stories from the Cloud Going Behind the Web Security Headlines Emmanuel Mace Security Expert The leading cloud platform for enabling secure, high-performing user experiences on any device, anywhere.
More informationInterception Technology
Interception Technology The Good, The Bad, and The Ugly! Massachusetts Institute of Technology Page 1 What is Interception Ability to list/view/record information as it travels between some number of parties,
More informationPrivacy: Whose Information Is It?
Chapter 13: Shhh, It's a Secret: Privacy and Digital Security Fluency with Information Technology Third Edition by Lawrence Snyder Privacy: Whose Information Is It? What is privacy? Examine a transaction
More information